CVE-2015-3814Infinite Loop in Wireshark

CWE-189CWE-835Infinite Loop7 documents7 sources
Severity
5.0MEDIUMNVD
EPSS
0.2%
top 62.03%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
WiresharkOracle Solaris
Timeline
PublishedMay 26
Latest updateMay 17

Description

The (1) dissect_tfs_request and (2) dissect_tfs_response functions in epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 interpret a zero value as a length rather than an error condition, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

Debianwireshark/wireshark< 1.12.5+g5819e5b-1+3
NVDwireshark/wireshark20 versions+19
NVDoracle/solaris11.2

🔴Vulnerability Details

3
GHSA
GHSA-54wq-phvq-x3gf: The (1) dissect_tfs_request and (2) dissect_tfs_response functions in epan/dissectors/packet-ieee802112022-05-17
OSV
CVE-2015-3814: The (1) dissect_tfs_request and (2) dissect_tfs_response functions in epan/dissectors/packet-ieee802112015-05-26
CVEList
CVE-2015-3814: The (1) dissect_tfs_request and (2) dissect_tfs_response functions in epan/dissectors/packet-ieee802112015-05-26

📋Vendor Advisories

2
Red Hat
wireshark: IEEE 802.11 infinite loop (wnpa-sec-2015-17)2015-05-12
Debian
CVE-2015-3814: wireshark - The (1) dissect_tfs_request and (2) dissect_tfs_response functions in epan/disse...2015

💬Community

1
Bugzilla
CVE-2015-3814 wireshark: IEEE 802.11 infinite loop (wnpa-sec-2015-17)2015-05-18
CVE-2015-3814 — Infinite Loop in Wireshark | cvebase